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Introduction 


Theory 
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Why most security 
tools suck 
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Huge % of incidents 
revolve around 
operational or coding 
issues 
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Centralization, automation 
& testing can address this 
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Use APIs and existing 
ops/dev tools! 
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The Dark side of API/ 
automation security 
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Data analysis 
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Practice (Reality) 
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Security tools you can't 

avoid 
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Real life automation 
demonstrations 
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Auto-code/site scanning 
on commit 
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Auto-scanning on VM 
launch 
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Exploiting APIs, when 
endpoints aren't secured 
and unintended 
consequences 
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Altering your focus on the 
basis of gathered data 
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What's missing, where do 
we need more 
improvement 
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Conclusion 
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Any questions? 


David Mortman 

Chief Security Architect 
david.mortman@enstratus.com 
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